package com.i2works.smartluolong.utils.shiro.filter;

import com.alibaba.fastjson.JSONObject;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;


/**
 * 用户账号认证拦截器(登录成功执行)
 *
 * @author koal <koal@vip.qq.com>
 * @date 2018/2/1 13:51
 */
public class UserAuthStatusFilter extends AccessControlFilter {

    /**
     * 是否验证成功，返回true成功，返回false就会执行onAccessDenied
     */
    @Override
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception {
//        JSONObject user = getUser(servletRequest, servletResponse);
        return true;
    }

    /**
     * 验证失败后执行
     */
    @Override
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
//        JSONObject user = getUser(servletRequest, servletResponse);
//        //判断用户信息填写是否完整，完整就跳转到认证界面，反之。
//        WebUtils.issueRedirect(servletRequest, servletResponse, "/user/auth/index");
        return false;
    }

    /**
     * 获取JSON格式的用户
     */
    private JSONObject getUser(ServletRequest servletRequest, ServletResponse servletResponse) {
        Subject subject = getSubject(servletRequest, servletResponse);
        Object userObj = subject.getPrincipals().iterator().next();
        String userStr = JSONObject.toJSONString(userObj);
        return JSONObject.parseObject(userStr);
    }

}
